Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update CSP #2775

Merged
merged 4 commits into from
Sep 2, 2024
Merged

fix: update CSP #2775

merged 4 commits into from
Sep 2, 2024

Conversation

chris13524
Copy link
Member

@chris13524 chris13524 commented Aug 30, 2024
edited
Loading

  • Updates the CSP to enforce
  • Removes script-src unsafe-inline as this is totally unsafe
  • Removes .com API endpoints to enforce the use of the .org endpoints
    • Will do in follow-up PR as looks like we are still using .com
  • Adds * to img-src to allow loading ENS avatar images from any URL

@chris13524 chris13524 self-assigned this Aug 30, 2024
@vercel Vercel
Copy link

vercel bot commented Aug 30, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
web3modal-gallery ✅ Ready (Inspect) Visit Preview Sep 2, 2024 7:47pm
web3modal-laboratory ✅ Ready (Inspect) Visit Preview Sep 2, 2024 7:47pm

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 30, 2024
edited
Loading

Coverage Report for Coverage

Status Category Percentage Covered / Total
🔵 Lines 87.52% 3186 / 13174
🔵 Statements 87.52% 3186 / 13174
🔵 Functions 161.44% 236 / 723
🔵 Branches 214.99999999999997% 428 / 845
File CoverageNo changed files found.
Generated in workflow #5907

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 30, 2024
edited
Loading

♻️ Vite-Size ♻️

Size Difference

Size (kb) Gzip (kb)
Total Diff. 0 0

Current Size

Name Size (kb) Gzip (kb)
assets/index-BtFkhyzW.js 1472.873 417.127
assets/noble-curves.js 31.941 12.78
assets/2.19.6_bufferutil.js 2.789 1.325
assets/index.js 161.83 59.282
assets/index2.js 102.249 29.113
assets/index3.js 304.389 87.281
assets/walletconnect-ethereum-provider.js 278.197 80.094
assets/index4.js 11.601 3.211
assets/w3m-modal.js 6.992 2.509
assets/index5.js 12.674 4.695
assets/hooks.module.js 74.776 25.685
assets/walletconnect-modal-ui.js 112.43 34.328
index.html 0.329 0.236
Total Size 2573.07 757.666

Base Size

Name Size (kb) Gzip (kb)
assets/index-BtFkhyzW.js 1472.873 417.127
assets/noble-curves.js 31.941 12.78
assets/2.19.6_bufferutil.js 2.789 1.325
assets/index.js 161.83 59.282
assets/index2.js 102.249 29.113
assets/index3.js 304.389 87.281
assets/walletconnect-ethereum-provider.js 278.197 80.094
assets/index4.js 11.601 3.211
assets/w3m-modal.js 6.992 2.509
assets/index5.js 12.674 4.695
assets/hooks.module.js 74.776 25.685
assets/walletconnect-modal-ui.js 112.43 34.328
index.html 0.329 0.236
Total Size 2573.07 757.666

@chris13524 chris13524 mentioned this pull request Sep 2, 2024
Closed
@chris13524 chris13524 merged commit 441d0d5 into main Sep 2, 2024
14 checks passed
@chris13524 chris13524 deleted the fix/update-csp-2 branch September 2, 2024 23:23
@chris13524 chris13524 mentioned this pull request Sep 3, 2024
Closed
10 tasks
@chris13524 chris13524 mentioned this pull request Oct 10, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@enesozturk enesozturk enesozturk approved these changes

@tomiir tomiir tomiir approved these changes

Assignees

@chris13524 chris13524

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chris13524 @tomiir @enesozturk